Solved

SFTP through Cisco Pix on Non-standard port

Posted on 2008-06-24
3
1,152 Views
Last Modified: 2008-07-07
I configured an SFTP (openssh) server inside my network. It runs on port 3000 (for example).
I setup an access-list on the PIX to allow traffic on port 3000 to my server, but my test laptop on another network gets "connection refused" when trying to connect on that port.  I can see the hit-count increasing on that line of the access-list so I know the traffic is matching.

I think its a pix setting? Will the pix only allow SSH through on the standard port 22 ?

Thank you,
0
Comment
Question by:jwestbulldog
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 

Author Comment

by:jwestbulldog
ID: 21857336
Some clarification:

I can connect to the SSH server from inside the network on port 3000 , so that should rule out server settings or bad username/password.
I'm pretty sure it's firewall related - but access list is set to pass traffic through on port 3000.

Thanks,
0
 
LVL 29

Expert Comment

by:Michael Worsham
ID: 21857428
0
 

Accepted Solution

by:
jwestbulldog earned 0 total points
ID: 21859726
Fixed it.
The PIX's xlate table had no entry for the internal server. Pinging OUT from that server created the xlate entry and the incoming SFTP connections started working.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question